exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 86 RSS Feed

Files Date: 2010-08-06

Whitepaper Called CRLF Injection Attacks
Posted Aug 6, 2010
Authored by Ali Abbasi

Whitepaper called CRLF Injection Attacks. Written in Persian.

tags | paper
SHA-256 | 1509c9511fea5145f36d6659fb23e61045c085533bc60b87c71b869a8193189d
Exploitation On ARM
Posted Aug 6, 2010
Authored by Itzhak Avraham

Whitepaper and presentation called Exploitation on ARM.

tags | paper
SHA-256 | 358de2730a3bfe6eb9b8b1f0d6bebc97b3a16eee2036fa3fb4fdfd88adf6c167
AtomixMP3 2.3 Buffer Overflow
Posted Aug 6, 2010
Authored by Hadji Samir

AtomixMP3 version 2.3 buffer overflow exploit for Microsoft Windows XP3 FR.

tags | exploit, overflow
systems | windows
SHA-256 | 9fdb40040f82ff59d065c3e16cb9f542a73b406e8ad65f714d618c2ad8925b4c
Microsoft Windows win32k.sys Buffer Overflow
Posted Aug 6, 2010
Authored by Arkon

Microsoft Windows win32k.sys driver "CreateDIBPalette()" suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
SHA-256 | 052b6e13ef068fcae01d15156200b91b305d0259552ddd6a0264d9a524e80261
Malheur Malware Analyzer 0.4.8
Posted Aug 6, 2010
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: Support was added for shared n-grams: when identifying a cluster of similar malware behavior, Malheur allows you to extract a set of instructions shared by the members in the cluster.
tags | tool, forensics
SHA-256 | df152eb282e18a93d369d9d2a4b5080144ecc1e024ca75649e2b5307ca065711
Defcon 18 - reCAPTCHA Broken
Posted Aug 6, 2010
Authored by n3on | Site n3on.org

This is a whitepaper about breaking reCAPTCHA along with the presentation given at Defcon 18 (showing how the author broke it a second time right before the conference). There is also the word list included that was used for the crack and a video demonstrating this in action.

tags | paper
SHA-256 | 96be8e82237fc662626c7481c5331dbc1f5b7a900942251c08e22c1a07bb875c
Mandriva Linux Security Advisory 2010-146
Posted Aug 6, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-146 - The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service via a crafted TIFF image that triggers an array index error, related to downsampled OJPEG input. Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF file that triggers a heap-based buffer overflow. Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow. The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values. The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to downsampled OJPEG input and possibly related to a compiler optimization that triggers a divide-by-zero error. The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file. Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file. tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to downsampled OJPEG input. LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service via a crafted TIFF file, a different vulnerability than CVE-2010-2443. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2010-2595, CVE-2010-1411, CVE-2010-2065, CVE-2010-2483, CVE-2010-2597, CVE-2010-2481, CVE-2010-2067, CVE-2010-2233, CVE-2010-2482
SHA-256 | 97281473d38a1c17020486c8ef8d34328b374f039467458966916cddef933680
Mandriva Linux Security Advisory 2010-145
Posted Aug 6, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-145 - The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service via a crafted TIFF image that triggers an array index error, related to downsampled OJPEG input. Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF file that triggers a heap-based buffer overflow. Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow. The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values. The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to downsampled OJPEG input and possibly related to a compiler optimization that triggers a divide-by-zero error. The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2010-2595, CVE-2010-1411, CVE-2010-2065, CVE-2010-2483, CVE-2010-2597, CVE-2010-2481
SHA-256 | 25f14ded470d4ea2318841b1889fdb846d07a7f1783d57bb25b0010d9d997aa0
HP Security Bulletin HPSBGN02560 SSRT100193
Posted Aug 6, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified in ProCurve 2626 and 2650 Switches. The vulnerability could result in remote unauthorized access.

tags | advisory, remote
advisories | CVE-2010-2707
SHA-256 | 05e02f24e43d1005816cfa24824554c6cf86f4e59ccfbf020c6870c11a3e1db7
RSA enVision Denial Of Service
Posted Aug 6, 2010
Site emc.com

RSA enVision versions prior 3.7 SP1 may contain potential denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2010-2634
SHA-256 | 7566319f767757867865456f7784400be8a8be03606701a7b11d6e60fb586707
KDPics 1.11 Remote File Inclusion
Posted Aug 6, 2010
Authored by Fl0riX

KDPics version 1.11 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | c1ad5f6b885bff1b78c90b17e69d370b769e56b38b12c045569f2fcb875cfce8
Joomla Main SQL Injection
Posted Aug 6, 2010
Authored by Fl0riX

The Joomla Main component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 95642c1060ff97f5284fc377799e558c8baf91ee009e4f0d840c1a63cd609e9a
37 Bytes sethostname c0debreaker Shellcode
Posted Aug 6, 2010
Authored by gunslinger

37 bytes small sethostname to c0debreaker Linux shellcode.

tags | shellcode
systems | linux
SHA-256 | 503a2c0b7310baafb5afce9928d525d7be73f0a0625fd756db4188bd83e03c91
Dataface 1.0 Cross Site Scripting / Path Disclosure
Posted Aug 6, 2010
Authored by MustLive

Dataface version 1.0 suffers from cross site scripting and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | f70cfd09b2107b8d417410ba24076a80e8da87195d21e359c0f69ff9e0ba3f2b
Ubuntu Security Notice 969-1
Posted Aug 6, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 969-1 - It was discovered that the PC/SC service did not correctly handle malformed messages. A local attacker could exploit this to execute arbitrary code with root privileges.

tags | advisory, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2009-4901, CVE-2009-4902, CVE-2010-0407
SHA-256 | 7811f87951b4936291b4ef97a6c80e9a730967846266aa52690d1e839a0dc730
Novell iPrint Client Browser Plugin ExecuteRequest debug Parameter Remote Code Execution
Posted Aug 6, 2010
Authored by Aaron Portnoy | Site tippingpoint.com

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Novell iPrint client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the ienipp.ocx ActiveX control. The control accepts a 'debug' parameter that is expected to be either "yes" or "true". If a string of a specific length is provided instead, a processing loop within the ExecuteRequest method can be made to corrupt a stack-based buffer. This can be leveraged by a remote attacker to execute arbitrary code under the context of the user running the web browser.

tags | advisory, remote, web, arbitrary, activex
SHA-256 | 8dbb5d8b6807df3734afa4e092b527b75a911323e3f79ba1f93c76c5ff72e259
Novell iPrint Client Browser Plugin Remote File Deletion
Posted Aug 6, 2010
Authored by Aaron Portnoy | Site tippingpoint.com

This vulnerability allows remote attackers to delete all files on a system with a vulnerable installation of the Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the nipplib.dll module that can be reached via the ienipp.ocx ActiveX control with CLSID 36723f97-7aa0-11d4-8919-FF2D71D0D32C. The CleanUploadFiles method appears to be used to remove temporary files within a contained directory. However, due to a logic flaw a remote attacker can abuse the function to force the process to recursively delete all files on the target system.

tags | advisory, remote, activex
SHA-256 | cafa8a25eb9d3c6fd19ac0c1402793019299c2574d4537a71493b15337af1324
HP Security Bulletin HPSBGN02561 SSRT100194
Posted Aug 6, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified in the ProCurve 2610 Switches running DHCP. The vulnerability could be remotely exploited resulting in a Denial of Service (DoS).

tags | advisory, denial of service
advisories | CVE-2010-2708
SHA-256 | 433e52cff1bbe7d663d27b5238a8a1b3dedcbc5b57fe8ed4fc3be66d84ff3768
HP Security Bulletin HPSBGN02559 SSRT100192
Posted Aug 6, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified in the ProCurve 2610 Switch In-band Agent. The vulnerability could be remotely exploited resulting in a Denial of Service (DoS).

tags | advisory, denial of service
advisories | CVE-2010-2706
SHA-256 | bd5a315e95471482f3190a2fca7b76e9902be99eb297f04e6d862bf2643a3a02
Frigate 3.36 Directory Traversal
Posted Aug 6, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Frigate version 3.36 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 3956532e3bbee40bfe758fbcb71671930a76b645d5a2d25a808f85195a9fc5cf
Listener 2.0.0
Posted Aug 6, 2010
Authored by Folkert van Heusden | Site vanheusden.com

This program listens for sound. If it detects any, it starts recording automatically and also automatically stops when things become silent again.

Changes: First version which is using ALSA for sound I/O.
systems | linux
SHA-256 | df5f88350c8557ac3ddf7b31863da8cc0cf9163ec0473d04dbc559eea9ed7902
Debian Linux Security Advisory 2089-1
Posted Aug 6, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2089-1 - Several remote vulnerabilities have been discovered in PHP 5, an hypertext preprocessor.

tags | advisory, remote, php, vulnerability
systems | linux, debian
advisories | CVE-2010-1917, CVE-2010-2225
SHA-256 | 0ce5b16b55beed371cfcf51be1ebd61a21cffafa2fb657fbe3999380c36cd4d0
Zero Day Initiative Advisory 10-142
Posted Aug 6, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-142 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's implementation of the first-letter style in the context of an SVG text element. Upon applying the style to this element, the library will calculate the height for determining the overflow for an inline box. While traversing the elements for the height, the library will utilize data from a non-existent linebox. Successful exploitation will lead to code execution under the context of the application.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2010-1785
SHA-256 | 08f506cbb1ba71097c06089086918680a3ac1c63e340bde4925c0cc9d05b3885
Zero Day Initiative Advisory 10-141
Posted Aug 6, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-141 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Webkit's layout implementation of an particular tag used for embedding a foreign document into the SVG namespace. Later when the application attempts to calculate layout information for rendering the contents of the tag, the application will attempt to access a linebox that was previously destroyed. Successful exploitation can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2010-1786
SHA-256 | e19313bc4dfe7e353f078dc197a46a139920c1adcff50c447522e6e7908af4e4
Ubuntu Security Notice 968-1
Posted Aug 6, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 968-1 - It was discovered that the Ubuntu image shipped on some Dell Latitude 2110 systems was accidentally configured to allow unauthenticated package installations. A remote attacker intercepting network communications or a malicious archive mirror server could exploit this to trick the user into installing unsigned packages, resulting in arbitrary code execution with root privileges.

tags | advisory, remote, arbitrary, root, code execution
systems | linux, ubuntu
advisories | CVE-2010-0834
SHA-256 | 6cb7cb1dcfeabb850f3a2dfbe5e6c6aefbaa092250dd76574e4071f9233bc069
Page 1 of 4
Back1234Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close